if you're talking about POS (point of sale) systems common in stores & restaurants, all the ones i've seen are windows, and simply run a POS program on them that does all the hard work behind making a purchase. if you want to look at them, i'd recommend finding some way into the network and scanning them to see what kind of network services they're running. from there and some screensurfing you might be able to find out what POS they're using and research that.

if you're talking about POS (point of sale) systems common in stores & restaurants, all the ones i've seen are windows, and simply run a POS program on them that does all the hard work behind making a purchase. if you want to look at them, i'd recommend finding some way into the network and scanning them to see what kind of network services they're running. from there and some screensurfing you might be able to find out what POS they're using and research that.

oooo thx in order to extract information, would you use a sniffer or try to establish a shell in the system? I heard you cant sniff WPA/WPA2 traffic in monitor mode because of client keys :S

if you're talking about POS (point of sale) systems common in stores & restaurants, all the ones i've seen are windows, and simply run a POS program on them that does all the hard work behind making a purchase. if you want to look at them, i'd recommend finding some way into the network and scanning them to see what kind of network services they're running. from there and some screensurfing you might be able to find out what POS they're using and research that.

oooo thx in order to extract information, would you use a sniffer or try to establish a shell in the system? I heard you cant sniff WPA/WPA2 traffic in monitor mode because of client keys :S

Whether or not you would use a sniffer or get a shell on the system is really dependent. Sniffing the traffic will probably be a lot easier and if it gives you all the information you're looking for then that is great. Getting a shell on the system would be a lot harder because you need to find some vulnerability that lets you exploit your way on to the system. If you need control of the system to achieve your ends, a sniffer really isn't going to do much for you (unless you can sniff a username and password for the system).

Even though you mightn't be able to passively sniff in monitor mode, that doesn't mean that all is lost. There still might be ways to sniff the traffic such as ARP poisoning (or if you're feeling adventurous, a physical tap).

Most run Windows POS (Point of Sale) or Windows Piece Of Shit as its commonly known to anyone that has had the unpleasantness of working with it. Some also use Windows XP for embedded systems. Traffic is run through a VPN.

Most run Windows POS (Point of Sale) or Windows Piece Of Shit as its commonly known to anyone that has had the unpleasantness of working with it. Some also use Windows XP for embedded systems. Traffic is run through a VPN.

so if I were to try to intercept and unencrypt traffic... what would one do

Most run Windows POS (Point of Sale) or Windows Piece Of Shit as its commonly known to anyone that has had the unpleasantness of working with it. Some also use Windows XP for embedded systems. Traffic is run through a VPN.

so if I were to try to intercept and unencrypt traffic... what would one do

In somewhere like walmart,there price scanners run windows CE and the scanner is a program that auto runs.If you unplug the price scanner and plug it back in it will reboot.You could attempt to stop the program before it runs and then run something like Wireless Keyview from nirsoft.net to see the stored WPA key that goes to the walmart wireless network.Then you would have direct access to the walmart wireless network where all the POS systems send their traffic.

In somewhere like walmart,there price scanners run windows CE and the scanner is a program that auto runs.If you unplug the price scanner and plug it back in it will reboot.You could attempt to stop the program before it runs and then run something like Wireless Keyview from nirsoft.net to see the stored WPA key that goes to the walmart wireless network.Then you would have direct access to the walmart wireless network where all the POS systems send their traffic.

I'm not sure where the sql database is,but once your in the network you could just scan for open ports with nmap and investigate from there and you would probably get some of that info anyway by running a man in the middle attack.

In somewhere like walmart,there price scanners run windows CE and the scanner is a program that auto runs.If you unplug the price scanner and plug it back in it will reboot.You could attempt to stop the program before it runs and then run something like Wireless Keyview from nirsoft.net to see the stored WPA key that goes to the walmart wireless network.Then you would have direct access to the walmart wireless network where all the POS systems send their traffic.